rpms/openssh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

automatic version update by autodist [release 9.9p1-1mamba;Sun Sep 22 2024]

Browse Source
This commit is contained in:
Automatic Build System 2024-09-22 11:47:18 +02:00
parent c6a4266b7a
commit 73c8bea57b
5 changed files with 39 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
openssh-sshd-makecerts
View File

@ -1,86 +0,0 @@
#!/bin/sh
#RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
ED25519_KEY=/etc/ssh/ssh_host_ed25519_key
KEYGEN=/usr/bin/ssh-keygen
#function do_rsa1_keygen
#{
# if [ ! -s $RSA1_KEY ]; then
# echo -n $"Generating SSH1 RSA host key: "
# if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
# chmod 600 $RSA1_KEY
# chmod 644 $RSA1_KEY.pub
# else
# echo $"RSA1 key generation failed!"
# exit 1
# fi
# fi
#}
function do_rsa_keygen
{
if [ ! -s $RSA_KEY ]; then
echo -n $"Generating SSH2 RSA host key: "
if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
chmod 600 $RSA_KEY
chmod 644 $RSA_KEY.pub
else
echo $"RSA key generation failed!"
exit 1
fi
fi
}
function do_dsa_keygen
{
if [ ! -s $DSA_KEY ]; then
echo -n $"Generating SSH2 DSA host key: "
if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
chmod 600 $DSA_KEY
chmod 644 $DSA_KEY.pub
else
echo $"DSA key generation failed!"
exit 1
fi
fi
}
function do_ecdsa_keygen
{
if [ ! -s $ECDSA_KEY ]; then
echo -n $"Generating SSH2 ECDSA host key: "
if $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
chmod 600 $ECDSA_KEY
chmod 644 $ECDSA_KEY.pub
else
failure $"ECDSA key generation failed!"
exit 1
fi
fi
}
function do_ed25519_keygen
{
if [ ! -s $ED25519_KEY ]; then
echo -n $"Generating SSH2 ED25519 host key: "
if $KEYGEN -q -t ed25519 -f $ED25519_KEY -C '' -N '' >&/dev/null; then
chmod 600 $ED25519_KEY
chmod 644 $ED25519_KEY.pub
else
failure $"ED25519 key generation failed!"
exit 1
fi
fi
}
# Create keys if necessary
do_rsa_keygen
do_dsa_keygen
do_ecdsa_keygen
do_ed25519_keygen
exit 0

6
openssh-sshd.service
View File

@ -1,12 +1,12 @@
[Unit] [Unit]
Description=OpenSSH server daemon Description=OpenSSH server daemon
After=syslog.target network.target auditd.service Wants=sshdgenkeys.service
After=sshdgenkeys.service
After=auditd.service network.target
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
[Service] [Service]
EnvironmentFile=-/etc/sysconfig/ssh EnvironmentFile=-/etc/sysconfig/ssh
#ExecStartPre=/usr/bin/test -c /dev/null
ExecStartPre=/usr/bin/ssh-makecerts
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID ExecReload=/bin/kill -HUP $MAINPID
KillMode=process KillMode=process

6
openssh-sshd@.service
View File

@ -1,10 +1,10 @@
[Unit] [Unit]
Description=OpenSSH per-connection server daemon Description=OpenSSH per-connection server daemon
After=auditd.service Wants=sshdgenkeys.service
After=sshdgenkeys.service
After=auditd.service network.target
[Service] [Service]
EnvironmentFile=-/etc/sysconfig/ssh EnvironmentFile=-/etc/sysconfig/ssh
#ExecStartPre=/usr/bin/test -c /dev/null
ExecStartPre=/usr/bin/ssh-makecerts
ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS
StandardInput=socket StandardInput=socket

12
openssh-sshdgenkeys.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=SSH Key Generation
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
[Service]
ExecStart=/usr/bin/ssh-keygen -A
Type=oneshot

47
openssh.spec
View File

@ -6,7 +6,7 @@
%define with_selinux 0 %define with_selinux 0
Name: openssh Name: openssh
Version: 9.8p1 Version: 9.9p1
Release: 1mamba Release: 1mamba
Summary: OpenSSH free Secure Shell (SSH) implementation Summary: OpenSSH free Secure Shell (SSH) implementation
Group: Network/Security Group: Network/Security
@ -16,7 +16,7 @@ Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: https://www.openssh.com/ URL: https://www.openssh.com/
Source0: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz Source0: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Source1: openssh-pamdconf Source1: openssh-pamdconf
Source2: openssh-sshd-makecerts Source2: openssh-sshdgenkeys.service
Source3: openssh-sshd.service Source3: openssh-sshd.service
Source4: openssh-sshd@.service Source4: openssh-sshd@.service
Source5: openssh-sshd.socket Source5: openssh-sshd.socket
@ -168,7 +168,7 @@ install -d %{buildroot}%{_sysconfdir}/{ssh,pam.d}
%makeinstall %makeinstall
install -D -m 600 %{S:1} %{buildroot}%{_sysconfdir}/pam.d/sshd install -D -m 600 %{S:1} %{buildroot}%{_sysconfdir}/pam.d/sshd
install -D -m 755 %{SOURCE2} %{buildroot}%{_bindir}/ssh-makecerts install -D -m 755 %{SOURCE2} %{buildroot}%{_unitdir}/sshdgenkeys.service
install -D -m 644 %{SOURCE3} %{buildroot}%{_unitdir}/sshd.service install -D -m 644 %{SOURCE3} %{buildroot}%{_unitdir}/sshd.service
install -D -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/sshd@.service install -D -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/sshd@.service
install -D -m 644 %{SOURCE5} %{buildroot}%{_unitdir}/sshd.socket install -D -m 644 %{SOURCE5} %{buildroot}%{_unitdir}/sshd.socket
@ -206,15 +206,12 @@ fi
/usr/sbin/groupadd sshd -g %{groupid} 2>/dev/null || : /usr/sbin/groupadd sshd -g %{groupid} 2>/dev/null || :
/usr/sbin/useradd -u %{userid} -g sshd -c 'ssh daemon' -d /var/empty \ /usr/sbin/useradd -u %{userid} -g sshd -c 'ssh daemon' -d /var/empty \
-s /bin/false sshd 2>/dev/null -s /bin/false sshd 2>/dev/null
exit 0 :
%post server %post server
if [ $1 -eq 1 ]; then %systemd_post sshdgenkeys.service
# new install %systemd_post sshd.socket
%{_bindir}/ssh-makecerts
# /sbin/chkconfig --add sshd
# service sshd start
fi
if [ $1 -gt 1 ]; then if [ $1 -gt 1 ]; then
# update # update
sed -i 's/#X11Forwarding no/X11Forwarding yes/' \ sed -i 's/#X11Forwarding no/X11Forwarding yes/' \
@ -222,32 +219,23 @@ if [ $1 -gt 1 ]; then
grep "AcceptEnv" %{_sysconfdir}/ssh/sshd_config >/dev/null || \ grep "AcceptEnv" %{_sysconfdir}/ssh/sshd_config >/dev/null || \
echo " AcceptEnv LANG LC_*" >> %{_sysconfdir}/ssh/sshd_config echo " AcceptEnv LANG LC_*" >> %{_sysconfdir}/ssh/sshd_config
fi fi
exit 0 :
%posttrans server
systemctl -q daemon-reload
systemctl -q enable sshd.socket
systemctl -q start sshd.socket
exit 0
%preun server %preun server
if [ $1 -eq 0 ]; then %systemd_preun sshdgenkeys.service
# erase %systemd_preun sshd.socket
systemctl -q stop sshd.socket :
systemctl -q disable sshd.socket
fi
exit 0
%postun server %postun server
systemctl -q daemon-reload %systemd_postun_with_restart sshdgenkeys.service
exit 0 %systemd_postun sshd.socket
:
%files common %files common
%defattr(-,root,root) %defattr(-,root,root)
%{_bindir}/ssh-copy-id %{_bindir}/ssh-copy-id
%{_bindir}/ssh-keygen %{_bindir}/ssh-keygen
%{_bindir}/ssh-keyscan %{_bindir}/ssh-keyscan
%{_bindir}/ssh-makecerts
%{_libexecdir}/openssh/ssh-keysign %{_libexecdir}/openssh/ssh-keysign
%{_libexecdir}/openssh/ssh-pkcs11-helper %{_libexecdir}/openssh/ssh-pkcs11-helper
%{_libexecdir}/openssh/ssh-sk-helper %{_libexecdir}/openssh/ssh-sk-helper
@ -279,6 +267,7 @@ exit 0
%config(noreplace) %{_sysconfdir}/ssh/moduli %config(noreplace) %{_sysconfdir}/ssh/moduli
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/ssh/sshd_config %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/ssh/sshd_config
%{_sbindir}/sshd %{_sbindir}/sshd
%{_unitdir}/sshdgenkeys.service
%{_unitdir}/sshd.service %{_unitdir}/sshd.service
%{_unitdir}/sshd.socket %{_unitdir}/sshd.socket
%{_unitdir}/sshd@.service %{_unitdir}/sshd@.service
@ -296,6 +285,12 @@ exit 0
%{_libexecdir}/openssh/ssh-askpass %{_libexecdir}/openssh/ssh-askpass
%changelog %changelog
* Sun Sep 22 2024 Automatic Build System <autodist@openmamba.org> 9.9p1-1mamba
- automatic version update by autodist
* Sat Sep 21 2024 Silvan Calarco <silvan.calarco@mambasoft.it> 9.8p1-2mamba
- replace old ssh-makecerts with sshdgenkeys service
* Sat Jul 06 2024 Automatic Build System <autodist@openmamba.org> 9.8p1-1mamba * Sat Jul 06 2024 Automatic Build System <autodist@openmamba.org> 9.8p1-1mamba
- automatic version update by autodist - automatic version update by autodist